ecdb4e6bdc987923a070abaecc3ae4bb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ecdb4e6bdc987923a070abaecc3ae4bb_JaffaCakes118
Size

46KB
MD5

ecdb4e6bdc987923a070abaecc3ae4bb
SHA1

8e4397a4074a6690993cc1c210c96b8a0b80888c
SHA256

19cb89665d6b37293807523da3b59a0d5648e85707ae656849295816288e3ada
SHA512

d92047d76dcf473fb7555decb8c321d3a343bbddb962dcc56bd4adc91ddde66ede60270375f8f186ed2ebf39a5f27b3529e0dedd882fd25b160dba87c34ecff9
SSDEEP

768:ZSnBjm7yc7HR4XQmpLlPmyk1HQwi9630NkQKYwiQM:l7yc7HRIFPVkLiK0SQ9wiQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ecdb4e6bdc987923a070abaecc3ae4bb_JaffaCakes118

Files

ecdb4e6bdc987923a070abaecc3ae4bb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c0dcac3f5ebe5a3c502a3732c67d7e71

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Desktop and Data\Screen\Chapter2\Log.pdb

Imports

kernel32

GetSystemWindowsDirectoryW

Exports

Exports

ResampleForge
?ArchitectureConnect@@YGPAEPAXJ@Z
?ArchitectureCreate@@YGPAEPAXJ@Z
?ArchitectureDestroy@@YGPAEPAXJ@Z
?ArchitectureGive@@YGPAEPAXJ@Z
?ArchitectureLoad@@YGPAEPAXJ@Z
?ArchitectureOutput@@YGPAEPAXJ@Z
?ArchitecturePos@@YGPAEPAXJ@Z
?ArchitectureRun@@YGPAEPAXJ@Z
?ArchitectureService@@YGPAEPAXJ@Z
?ArchitectureTest@@YGPAEPAXJ@Z

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.conas
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.const
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ